Re: [fw-wiz] syslog and network management

From: "Darden, Patrick S." <darden@xxxxxxxx>
Date: Tue, 19 Feb 2008 13:35:53 -0500

Having a centralized log server is actually definced as best
practice. It is generally felt that it should only be
the log server though, all other services turned off,
firewall in place, etc. so it can be inviolate for all
auditing, legal procedures, security traces, etc.

The case for centralized logging:
http://ebuzzsaw.com/whitePapers/Case_for_Centralize_Logging.htm

-----Original Message-----
From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx
[mailto:firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx]On Behalf Of
shadow floating
Sent: Tuesday, February 19, 2008 10:20 AM
To: Firewall Wizards Security Mailing List
Subject: [fw-wiz] syslog and network management

Hi all,
is it appropriate from security point of view to have one server in
which syslog is installed to colledt logs from all network devices
(firewalls, switches and routers), in addition to installing
management software to like ciscoworks on the same machine, in
addition to using this machine as a network time server to sync all
network devices?, if yes does any one recommed certain specs for this
machine or it can be an ordinary machine with 1 GB of memory and 512
GB hard disk and 3.2 GHz processor.

thanks alot

regards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Follow-Ups:
- [fw-wiz] Firewall Placement Question
  - From: jason
- Re: [fw-wiz] syslog and network management
  - From: shadow floating

References:
- [fw-wiz] syslog and network management
  - From: shadow floating

Prev by Date: Re: [fw-wiz] [Full-disclosure] Load balancer ?
Next by Date: Re: [fw-wiz] ipsec communications with windows server
Previous by thread: [fw-wiz] syslog and network management
Next by thread: Re: [fw-wiz] syslog and network management
Index(es):
- Date
- Thread

Relevant Pages

Re: [fw-wiz] syslog and network management
... Is it a good idea to have a centralized log server for a plethora of devices and servers? ... auditing, legal procedures, security traces, etc. ... network devices?, if yes does any one recommed certain specs for this ...
(Firewall-Wizards)
Re: [fw-wiz] syslog and network management
... If you are confident that an application does not create an exploitable path to your log server you could *in theory* run that application on the log server. ... auditing, legal procedures, security traces, etc. ... , in addition to installing ... network devices?, if yes does any one recommed certain specs for this ...
(Firewall-Wizards)